vuln disclosure
CVE-2022-23278: Microsoft Defender for Endpoint EDR Sensor Spoofing VulnerabilityCVE-2022-23278
CVE-2022-23278 is a spoofing vulnerability in Microsoft Defender for Endpoint's EDR sensor that could allow network-based attackers to manipulate security telemetry or impersonate trusted components. The flaw affects Windows, Linux, macOS, and Android endpoints, requiring no user interaction or privileges but with high attack complexity. Successful exploitation could undermine endpoint detection integrity across heterogeneous environments.